qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [Bug 1641637] Re: incorrect illegal SSE3 instructions repor


From: Ziyue Yang
Subject: [Qemu-devel] [Bug 1641637] Re: incorrect illegal SSE3 instructions reporting on x86_64
Date: Wed, 14 Dec 2016 03:21:34 -0000

Hi Jie,

I can reproduce this by single-stepping through the bug1 testing code
using gdb, and SIGILL was encountered when executing the pabsb SSE3
instruction. Maybe it was due to QEMU's translator, I'll look further
into it.

** Changed in: qemu
       Status: New => Confirmed

** Changed in: qemu
     Assignee: (unassigned) => Ziyue Yang (yzyubuntuzh)

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1641637

Title:
  incorrect illegal SSE3 instructions reporting on x86_64

Status in QEMU:
  Confirmed

Bug description:
  Hi all, we found 28 differently encoded illegal SSE3 instructions
  reporting on the most recent x86_64 user mode linux qemu (version
  2.7.0). We believe these reporting should be incorrect because the
  same code can be executed on a real machine. The instructions are the
  following:

  pabsb %mm0, %mm1
  pabsb %xmm0, %xmm1
  pabsd %mm0, %mm1
  pabsd %xmm0, %xmm1
  pabsw %mm0, %mm1
  pabsw %xmm0, %xmm1
  phaddd %mm0, %mm1
  phaddd %xmm0, %xmm1
  phaddsw %mm0, %mm1
  phaddsw %xmm0, %xmm1
  phaddw %mm0, %mm1
  phaddw %xmm0, %xmm1
  phsubd %mm0, %mm1
  phsubd %xmm0, %xmm1
  phsubsw %mm0, %mm1
  phsubsw %xmm0, %xmm1
  phsubw %mm0, %mm1
  phsubw %xmm0, %xmm1
  pmaddubsw %mm0, %mm1
  pmaddubsw %xmm0, %xmm1
  pmulhrsw %mm0, %mm1
  pmulhrsw %xmm0, %xmm1
  psignb %mm0, %mm1
  psignb %xmm0, %xmm1
  psignd %mm0, %mm1
  psignd %xmm0, %xmm1
  psignw %mm0, %mm1
  psignw %xmm0, %xmm1

  The following is the proof of code

  /********** Beginning of bug 1.c: pabsb %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("pabsb %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 1.c **********/

  
  /********** Beginning of bug 2.c: pabsb %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("pabsb %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 2.c **********/

  
  /********** Beginning of bug 3.c: pabsd %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("pabsd %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 3.c **********/

  
  /********** Beginning of bug 4.c: pabsd %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("pabsd %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 4.c **********/

  
  /********** Beginning of bug 5.c: pabsw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("pabsw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 5.c **********/

  
  /********** Beginning of bug 6.c: pabsw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("pabsw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 6.c **********/

  
  /********** Beginning of bug 7.c: phaddd %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phaddd %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 7.c **********/

  
  /********** Beginning of bug 8.c: phaddd %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phaddd %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 8.c **********/

  
  /********** Beginning of bug 9.c: phaddsw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phaddsw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 9.c **********/

  
  /********** Beginning of bug 10.c: phaddsw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phaddsw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 10.c **********/

  
  /********** Beginning of bug 11.c: phaddw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phaddw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 11.c **********/

  
  /********** Beginning of bug 12.c: phaddw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phaddw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 12.c **********/

  
  /********** Beginning of bug 13.c: phsubd %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phsubd %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 13.c **********/

  
  /********** Beginning of bug 14.c: phsubd %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phsubd %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 14.c **********/

  
  /********** Beginning of bug 15.c: phsubsw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phsubsw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 15.c **********/

  
  /********** Beginning of bug 16.c: phsubsw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phsubsw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 16.c **********/

  
  /********** Beginning of bug 17.c: phsubw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("phsubw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 17.c **********/

  
  /********** Beginning of bug 18.c: phsubw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("phsubw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 18.c **********/

  
  /********** Beginning of bug 19.c: pmaddubsw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char i2[0x10];
  unsigned char i3[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i2)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i3)));;
      asm("pmaddubsw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 19.c **********/

  
  /********** Beginning of bug 20.c: pmaddubsw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char i2[0x10];
  unsigned char i3[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i2)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i3)));;
      asm("pmaddubsw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 20.c **********/

  
  /********** Beginning of bug 21.c: pmulhrsw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("pmulhrsw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 21.c **********/

  
  /********** Beginning of bug 22.c: pmulhrsw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("pmulhrsw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 22.c **********/

  
  /********** Beginning of bug 23.c: psignb %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("psignb %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 23.c **********/

  
  /********** Beginning of bug 24.c: psignb %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("psignb %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 24.c **********/

  
  /********** Beginning of bug 25.c: psignd %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("psignd %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 25.c **********/

  
  /********** Beginning of bug 26.c: psignd %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("psignd %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 26.c **********/

  
  /********** Beginning of bug 27.c: psignw %mm0, %mm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
      asm("psignw %mm0, %mm1");
      asm("mov %0, %%rdx\n"
          "movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 27.c **********/

  
  /********** Beginning of bug 28.c: psignw %xmm0, %xmm1 **********/

  int printf(const char *format, ...);
  unsigned char i0[0x10];
  unsigned char i1[0x10];
  unsigned char o[0x10];
  int main() {
      int k = 0;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
      asm("mov %0, %%rdx\n"
          "movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
      asm("psignw %xmm0, %xmm1");
      asm("mov %0, %%rdx\n"
          "movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
      for (k = 0; k < 0x10; k++)
          printf("%02x", o[0x10 - 1 - k]);
      printf("\n");
  }

  /********** End of bug 28.c **********/

  For any of the above code, when compiled into x86-64 binary code with
  gcc, qemu reports the illegal instructions bug. However, these can be
  correctly executed on a real machine. For example,

  $ gcc 28.c -o 28
  $ qemu-x86_64 ./28
  qemu: uncaught target signal 4 (Illegal instruction) - core dumped
  Illegal instruction
  $ ./28
  00000000000000000000000000000000

  Some information about the system:

  $ qemu-x86_64 --version
  qemu-x86_64 version 2.7.0, Copyright (c) 2003-2016 Fabrice Bellard and the 
QEMU Project developers
  $ uname -a
  Linux cgos-System-Product-Name 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 
03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
  $ gcc --version
  gcc (Ubuntu 4.8.4-2ubuntu1~14.04) 4.8.4
  Copyright (C) 2013 Free Software Foundation, Inc.
  This is free software; see the source for copying conditions.  There is NO
  warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

  
  Thanks!

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1641637/+subscriptions



reply via email to

[Prev in Thread] Current Thread [Next in Thread]